Merge pull request #4523 from dgarske/nxp_se050_fixes

Fixes for NXP SE050 ECC create and key store id
2026-04-28 21:03:23 +02:00 · 2021-11-09 08:56:03 +10:00
parent 5a4577eb6c 3941eea626
commit dd833807d8
12 changed files with 726 additions and 525 deletions
@@ -68,7 +68,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
 #ifdef WOLFSSL_IMXRT_DCP
    #include <wolfssl/wolfcrypt/port/nxp/dcp_port.h>
 #endif
-#ifdef WOLFSSL_SE050
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
 #endif

@@ -867,7 +867,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
 #elif defined(WOLFSSL_DEVCRYPTO_AES)
    /* implemented in wolfcrypt/src/port/devcrypto/devcrypto_aes.c */

-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
    static int AES_ECB_encrypt(Aes* aes, const byte* inBlock, byte* outBlock,
        int sz)
    {
@@ -2598,7 +2598,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
        return wc_AesSetKey(aes, userKey, keylen, iv, dir);
    }

-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
                  int dir)
    {   
@@ -3876,7 +3876,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
 #elif defined(WOLFSSL_DEVCRYPTO_CBC)
    /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */

-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
    {
        return se050_aes_crypt(aes, in, out, sz, AES_ENCRYPTION,
@@ -10363,7 +10363,7 @@ void wc_AesFree(Aes* aes)
    }
 #endif

-#if defined(WOLFSSL_SE050)
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
    se050_aes_free(aes);
 #endif

@@ -1218,7 +1218,7 @@ static int wc_ecc_export_x963_compressed(ecc_key*, byte* out, word32* outLen);

 #if (defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || !defined(WOLFSSL_SP_MATH)) && \
    !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
-    !defined(WOLFSSL_CRYPTOCELL)
+    !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SE050)
 static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
        mp_int* prime, mp_int* order);
 #endif
@@ -4720,7 +4720,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
      err = NOT_COMPILED_IN;
   }
 #elif defined(WOLFSSL_SE050)
-    err = se050_ecc_create_key(key, curve_id, keysize);
+    err = se050_ecc_create_key(key, key->dp->id, key->dp->size);
    key->type = ECC_PRIVATEKEY;
 #elif defined(WOLFSSL_CRYPTOCELL)

@@ -5239,10 +5239,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
        (void)rng;
    #elif defined(WOLFSSL_SE050)
        err = se050_ecc_sign_hash_ex(in, inlen, out, outlen, key);
-        if (err == 0) 
-            err = DecodeECC_DSA_Sig(out, *outlen, r, s);
-
-        return err;
+        (void)rng;
    #endif

        /* Load R and S */
@@ -7032,11 +7029,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
 #elif defined(WOLFSSL_KCAPI_ECC)
   byte sigRS[MAX_ECC_BYTES*2];
 #elif defined(WOLFSSL_SE050)
-   #ifdef WOLFSSL_SMALL_STACK
-   byte* sigRS = NULL;
-   #else
-   byte  sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2];
-   #endif
+   byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2];
 #elif !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC)
   int          did_init = 0;
   ecc_point    *mG = NULL, *mQ = NULL;
@@ -7098,17 +7091,24 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
    }
 #endif

-#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
-    /* Extract R and S */
-    err = mp_to_unsigned_bin(r, &sigRS[0]);
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
+    defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
+    defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050)
+
+    /* Extract R and S with front zero padding (if required) */
+    XMEMSET(sigRS, 0, keySz * 2);
+    err = mp_to_unsigned_bin(r, sigRS +
+                                (keySz - mp_unsigned_bin_size(r)));
    if (err != MP_OKAY) {
        return err;
    }
-    err = mp_to_unsigned_bin(s, &sigRS[keySz]);
+    err = mp_to_unsigned_bin(s, sigRS + keySz +
+                                (keySz - mp_unsigned_bin_size(s)));
    if (err != MP_OKAY) {
        return err;
    }

+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
    err = atmel_ecc_verify(hash, sigRS, key->pubkey_raw, res);
    if (err != 0) {
       return err;
@@ -7116,17 +7116,6 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
    (void)hashlen;
 #elif defined(WOLFSSL_CRYPTOCELL)

-   /* Extract R and S */
-
-   err = mp_to_unsigned_bin(r, &sigRS[0]);
-   if (err != MP_OKAY) {
-       return err;
-   }
-   err = mp_to_unsigned_bin(s, &sigRS[keySz]);
-   if (err != MP_OKAY) {
-       return err;
-   }
-
   /* truncate if hash is longer than key size */
   if (msgLenInBytes > keySz) {
       msgLenInBytes = keySz;
@@ -7153,69 +7142,18 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
   /* valid signature if we get to this point */
   *res = 1;
 #elif defined(WOLFSSL_SILABS_SE_ACCEL)
-   /* Extract R and S */
-
-   err = mp_to_unsigned_bin(r, &sigRS[0]);
-   if (err != MP_OKAY) {
-       return err;
-   }
-   err = mp_to_unsigned_bin(s, &sigRS[keySz]);
-   if (err != MP_OKAY) {
-       return err;
-   }
-
-   err = silabs_ecc_verify_hash(&sigRS[0], keySz*2,
+   err = silabs_ecc_verify_hash(&sigRS[0], keySz * 2,
                                hash, hashlen,
                                res, key);
-
 #elif defined(WOLFSSL_KCAPI_ECC)
-    /* Extract R and S */
-    err = mp_to_unsigned_bin(r, &sigRS[0]);
-    if (err != MP_OKAY) {
-        return err;
+    err = KcapiEcc_Verify(key, hash, hashlen, sigRS, keySz * 2);
+    if (err == 0) {
+        *res = 1;
    }
-    err = mp_to_unsigned_bin(s, &sigRS[key->dp->size]);
-    if (err != MP_OKAY) {
-        return err;
-    }
-
-   err = KcapiEcc_Verify(key, hash, hashlen, sigRS, key->dp->size * 2);
 #elif defined(WOLFSSL_SE050)
-    {
-        /* Used when following a hardware sign operation */
-        int rLeadingZero = mp_leading_bit(r);
-        int sLeadingZero = mp_leading_bit(s);
-        int rLen = mp_unsigned_bin_size(r);
-        int sLen = mp_unsigned_bin_size(s);
-        word32 signatureLen = rLeadingZero + sLeadingZero + 
-            rLen + sLen + SIG_HEADER_SZ; /* see StoreECC_DSA_Sig */
+    err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS, keySz * 2, key, res);
+#endif

-    #ifdef WOLFSSL_SMALL_STACK
-        sigRS = (byte*)XMALLOC(signatureLen, NULL, DYNAMIC_TYPE_SIGNATURE);
-        if (sigRS == NULL) {
-            err = MEMORY_E;
-        }
-    #else
-        if (signatureLen > sizeof(sigRS)) {
-            err = BUFFER_E;
-        }
-    #endif
-        if (err == 0) {
-            err = StoreECC_DSA_Sig(sigRS, &signatureLen, r, s);
-        }
-        if (err == 0) {
-            err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS,
-                signatureLen, key, res);
-        }
-    #ifdef WOLFSSL_SMALL_STACK  
-        if (sigRS != NULL) {
-            XFREE(sigRS, NULL, DYNAMIC_TYPE_SIGNATURE);
-            sigRS = NULL;
-        }
-    #endif
-        if (err != 0)
-            return err;
-    }
 #else
  /* checking if private key with no public part */
  if (key->type == ECC_PRIVATEKEY_ONLY) {
@@ -8052,7 +7990,7 @@ int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen,


 #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
-    !defined(WOLFSSL_CRYPTOCELL)
+    !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SE050)

 /* is ecc point on curve described by dp ? */
 int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime)
@@ -8513,10 +8451,11 @@ int wc_ecc_get_generator(ecc_point* ecp, int curve_idx)
 * checks on the bounds of the private key. */
 static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
 {
-    int    err = MP_OKAY;
+    int err = MP_OKAY;
 #ifndef WOLFSSL_SP_MATH
 #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
-    !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL)
+    !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+    !defined(WOLFSSL_SE050)
    mp_int* b = NULL;
    #ifdef USE_ECC_B_PARAM
        DECLARE_CURVE_SPECS(curve, 4);
@@ -8527,7 +8466,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
        DECLARE_CURVE_SPECS(curve, 3);
    #endif /* USE_ECC_B_PARAM */
 #endif /* !WOLFSSL_ATECC508A && !WOLFSSL_ATECC608A && 
-          !WOLFSSL_CRYPTOCELL && !WOLFSSL_SILABS_SE_ACCEL */
+          !WOLFSSL_CRYPTOCELL && !WOLFSSL_SILABS_SE_ACCEL && !WOLFSSL_SE050 */
 #endif /* !WOLFSSL_SP_MATH */

    ASSERT_SAVED_VECTOR_REGISTERS();
@@ -8558,7 +8497,8 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)

 #ifndef WOLFSSL_SP_MATH
 #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
-    defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL)
+    defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
+    defined(WOLFSSL_SE050)

    /* consider key check success on HW crypto 
     * ex: ATECC508/608A, CryptoCell and Silabs */
@@ -8679,10 +8619,10 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
    FREE_CURVE_SPECS();
 #endif /* WOLFSSL_ATECC508A */
 #else
+    err = WC_KEY_SIZE_E;
+#endif /* !WOLFSSL_SP_MATH */
    (void)partial;
    (void)priv;
-    return WC_KEY_SIZE_E;
-#endif /* !WOLFSSL_SP_MATH */
    return err;
 }

@@ -8987,7 +8927,7 @@ int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
            }
        }
        else
-        #endif
+    #endif
        {
            err = wc_export_int(&key->k, d, dLen, keySz, encType);
            if (err != MP_OKAY)
@@ -42,7 +42,10 @@ make
 ``

 Where `PATH` is the directory location of `simw-top`.
-Example: `./configure --enable-debug --disable-shared --with-se050=/home/pi/simw-top CFLAGS="-DWOLFSSL_SE050_INIT"`
+Example: `./configure --with-se050=/home/pi/simw-top CFLAGS="-DWOLFSSL_SE050_INIT"`
+
+To enable AES Cipher support use `WOLFSSL_SE050_CRYPT`
+To enable SHA-1 and SHA-2 support use `WOLFSSL_SE050_HASH`

 ## Building Examples

@@ -336,7 +336,7 @@
 #elif defined(WOLFSSL_SILABS_SE_ACCEL)

    /* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
    int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
@@ -846,7 +846,7 @@ void wc_ShaFree(wc_Sha* sha)
 #ifdef WOLFSSL_PIC32MZ_HASH
    wc_ShaPic32Free(sha);
 #endif
-#ifdef WOLFSSL_SE050
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
   se050_hash_free(&sha->se050Ctx);
 #endif
 #if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
@@ -184,7 +184,7 @@ where 0 <= L < 2^64.
    (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)) && \
    (!defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(NO_WOLFSSL_RENESAS_TSIP_HASH)) && \
    !defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
-    !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050)
+    !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH)


 static int InitSha256(wc_Sha256* sha256)
@@ -585,7 +585,7 @@ static int InitSha256(wc_Sha256* sha256)
    !defined(WOLFSSL_QNX_CAAM)
    /* functions defined in wolfcrypt/src/port/caam/caam_sha256.c */

-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
    int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
@@ -1411,7 +1411,7 @@ static int InitSha256(wc_Sha256* sha256)

        return ret;
    }
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
    int wc_InitSha224_ex(wc_Sha224* sha224, void* heap, int devId)
@@ -49,7 +49,7 @@
    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif

-#ifdef WOLFSSL_SE050
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
 #endif

@@ -203,7 +203,7 @@
 #elif defined(WOLFSSL_KCAPI_HASH)
    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */

-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
    int wc_InitSha512(wc_Sha512* sha512)
    {
        if (sha512 == NULL)
@@ -952,7 +952,7 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)

 #if defined(WOLFSSL_KCAPI_HASH)
    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

 #else

@@ -1063,7 +1063,7 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)

 #if defined(WOLFSSL_KCAPI_HASH)
    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

 #else

@@ -1135,7 +1135,7 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash)

 #endif /* WOLFSSL_KCAPI_HASH */

-#ifndef WOLFSSL_SE050
+#if !defined(WOLFSSL_SE050) || !defined(WOLFSSL_SE050_HASH)
 int wc_InitSha512(wc_Sha512* sha512)
 {
    return wc_InitSha512_ex(sha512, NULL, INVALID_DEVID);
@@ -1217,7 +1217,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
 }
 #endif /* OPENSSL_EXTRA */
 #endif /* WOLFSSL_SHA512 */
-#endif /* !WOLFSSL_SE050 */
+#endif /* !WOLFSSL_SE050 || !WOLFSSL_SE050_HASH */


 /* -------------------------------------------------------------------------- */
@@ -1228,7 +1228,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
 #if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
    !defined(WOLFSSL_QNX_CAAM)
    /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
    int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
    {
        if (sha384 == NULL) {
@@ -1566,7 +1566,7 @@ int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)

 #if defined(WOLFSSL_KCAPI_HASH)
    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

 #else
 int wc_Sha512_224FinalRaw(wc_Sha512* sha, byte* hash)
@@ -1585,7 +1585,7 @@ void wc_Sha512_224Free(wc_Sha512* sha)
 }
 #if defined(WOLFSSL_KCAPI_HASH)
    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)


 #else
@@ -1630,7 +1630,7 @@ int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
 }
 #if defined(WOLFSSL_KCAPI_HASH)
    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050)
+#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)

 #else
 int wc_Sha512_256FinalRaw(wc_Sha512* sha, byte* hash)